On 19 Nov 2017, at 16:59, Michael Ströder <michael@stroeder.com> wrote: > Note that ldap_initialize() does not really open the connection. Yes, that I knew. But it does work in the ldap_connect_to_host() at the beginning, it’s just the ldap_sasl_interactive_bind_s() a few microseconds later that fails for some reason.. > I suspect the issue is in your load-balancer setup. Yes, I’m absolutely convinced of that. That’s why I mentioned several times. The fact that it works “eventually” (within two hours is the last number I have) is proof of that. The question is what/why [it takes so long to start working]. The listener (port 636 only) is there (and working almost immediately), which is indicated by the fact that the initial connection works), so the ldap_sasl_interactive_bind_s() should work through that one, right? Have anyone tried running OpenLDAP behind HAProxy? Anything special one needs to do?
Attachment:
signature.asc
Description: Message signed with OpenPGP